PHK says md5crypt() algorithm no longer secure

This week has been interesting with regards to online security: LinkedIn, Last.fm, eHarmony, et al had security issues and breaches.

Not directly related to these breaches, but still in the realm of security, Poul-Henning Kamp, the author of md5crypt(), has said that md5crypt() is no longer secure despite being recommended as a password hashing function. md5crypt is used to encrypt passwords on some FreeBSD systems.

The md5crypt password scrambler was created in 1995 by yours truly and was, back then, a sufficiently strong protection for passwords.

New research has shown that it can be run at a rate close to 1 million checks per second on COTS GPU hardware, which means that it is as prone to brute-force attacks as the DES based UNIX crypt was back in 1995: Any 8 character password can be found in a couple of days.

As the author of md5crypt, I implore everybody to migrate to a stronger password scrambler without undue delay.